As we stated in Chapter 7, the message digest by itself does not give us a very high level of security. We can tell whether somehow the output file in this example has been corrupted because the text that we read in won’t produce the same message digest that was saved with the file. But there’s nothing to prevent someone from changing both the text and the digest stored in the file in such a way that the new digest reflects the altered text.

A secure message digest is called a Message Authentication Code (MAC). A MAC has the property that it cannot be created solely from the input data; it requires a secret key that is shared by the sender and receiver. Hence, an intermediate party cannot change both the data and the MAC without the receiver detecting that the data has been corrupted.

There are various ways in which a message digest can be made into a MAC, but the core Java security API does not provide any standard techniques for doing so. However, JCE does provide a class to produce a MAC, and there are simple ways to calculate a MAC on your own.